<?php 
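/**
 * Reject a value that contains any of a fixed list of SQL-looking tokens.
 *
 * On a match the function prints a message and terminates the request;
 * otherwise it returns the value unchanged.
 *
 * SECURITY NOTE(review): this is a substring blacklist, not an injection
 * defence. It rejects ordinary words that merely contain "or"/"and"
 * ("order", "brand"), and a keyword list cannot stand in for bound
 * parameters. Every query that receives request data should use a
 * prepared statement; keep this check, at most, as an extra input filter.
 *
 * @param mixed $sql_str Value to inspect (cast to string for matching).
 * @return mixed The original value when no token matched.
 */
function inject_check($sql_str)
{
    // eregi() was removed in PHP 7; preg_match() with the "i" flag applies the
    // same case-insensitive alternation.
    $pattern = "~select|insert|and|or|update|delete|'|/\\*|\\*|\\.\\./|\\./|union|into|load_file|outfile~i";

    if (preg_match($pattern, (string) $sql_str)) {
        echo "Please input correct character";
        exit();
    }

    return $sql_str;
}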

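/**
 * Backslash-escape a value and additionally escape the LIKE wildcards "_" and "%".
 *
 * SECURITY NOTE(review): addslashes() is not a connection-aware SQL escape.
 * Prefer prepared statements with bound parameters; treat this helper as
 * legacy input massaging only.
 *
 * @param string $str Raw value.
 * @return string Value with quotes, backslashes, "_" and "%" backslash-escaped.
 */
function str_check($str)
{
    // get_magic_quotes_gpc() no longer exists in PHP 8 and has always reported
    // "off" since PHP 5.4, so it is consulted only on older runtimes.
    $magicQuotesOn = version_compare(PHP_VERSION, '5.4.0', '<') && get_magic_quotes_gpc();

    if (!$magicQuotesOn) {
        $str = addslashes($str); // apply filtering
    }

    $str = str_replace('_', '\\_', $str);
    $str = str_replace('%', '\\%', $str);

    return $str;
}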

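/**
 * Prepare a submitted text block: backslash-escape it, escape the LIKE
 * wildcards "_" and "%", convert newlines to <br /> and HTML-encode the result.
 *
 * Note the order: htmlspecialchars() runs after nl2br(), so the inserted
 * <br /> tags are themselves encoded. That ordering is kept as-is because
 * stored data may already depend on it (NOTE(review): confirm with the code
 * that renders these values).
 *
 * SECURITY NOTE(review): this mixes SQL-style and HTML-style escaping in one
 * value. Escaping belongs at the point of use: bound parameters when the
 * value goes into SQL, htmlspecialchars() when it is written into HTML.
 *
 * @param string $post Raw submitted text.
 * @return string Escaped and HTML-encoded text.
 */
function post_check($post)
{
    // get_magic_quotes_gpc() no longer exists in PHP 8 and has always reported
    // "off" since PHP 5.4, so it is consulted only on older runtimes.
    $magicQuotesOn = version_compare(PHP_VERSION, '5.4.0', '<') && get_magic_quotes_gpc();

    if (!$magicQuotesOn) {
        $post = addslashes($post);
    }

    $post = str_replace('_', '\\_', $post);
    $post = str_replace('%', '\\%', $post);
    $post = nl2br($post);
    $post = htmlspecialchars($post);

    return $post;
}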

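/**
 * Return a value ready to be concatenated into an SQL statement: numeric
 * values are returned bare, everything else is escaped and wrapped in
 * single quotes.
 *
 * SECURITY NOTE(review): the non-numeric branch depends on the legacy
 * mysql_* extension, which was removed in PHP 7, while the db class in this
 * file uses mysqli. Escaping must be done against the connection that runs
 * the query, so new code should use prepared statements instead of this
 * helper. is_numeric() also accepts forms such as "1e3" or ".5", which are
 * passed through unquoted.
 *
 * @param mixed $value Raw value.
 * @return mixed Bare numeric value, or a quoted and escaped string.
 * @throws RuntimeException When a string must be escaped but the mysql_*
 *                          extension is not available.
 */
function check_input($value)
{
    // get_magic_quotes_gpc() no longer exists in PHP 8 and has always reported
    // "off" since PHP 5.4, so it is consulted only on older runtimes.
    if (version_compare(PHP_VERSION, '5.4.0', '<') && get_magic_quotes_gpc()) {
        $value = stripslashes($value);
    }

    if (is_numeric($value)) {
        return $value;
    }

    if (!function_exists('mysql_real_escape_string')) {
        // Fail with an explicit message rather than an undefined-function error.
        throw new RuntimeException(
            'check_input(): mysql_real_escape_string() is unavailable; use a prepared statement instead'
        );
    }

    return "'" . mysql_real_escape_string($value) . "'";
}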


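/**
 * Thin mysqli wrapper plus a handful of HTML and string helpers.
 *
 * Every query method opens its own connection; nothing is pooled or
 * explicitly closed, so connections live until the script ends.
 */
class db
{
    // SECURITY NOTE(review): live database host, account and password are
    // hard-coded in a file under the web root. Anyone who can read this file
    // can use the account. Rotate the password and load these values from
    // configuration kept outside the document root (or from the environment),
    // with the database account restricted to the privileges the site needs.
    var $server='rm-rj92d8pf9vuhmg63ido.mysql.rds.aliyuncs.com';
    var $user="aliyun_us_suplist2024_user";
    var $pass="gd#d^w*na2W4yNtc5JLC";
    var $db="aliyundb_us_suplist2024";

    /**
     * Open a connection, set the charset and select the configured database.
     *
     * @return mysqli|false Connection handle, or false when connecting failed.
     */
    private function open_link()
    {
        $link = mysqli_connect($this->server, $this->user, $this->pass);
        if (!$link) {
            return false;
        }
        mysqli_set_charset($link, 'utf8');
        mysqli_select_db($link, $this->db);

        return $link;
    }

    /**
     * Run a query and return its first row as a numerically indexed array.
     *
     * SECURITY NOTE(review): $sql is executed verbatim; callers must not build
     * it from request data by concatenation.
     *
     * @param string $sql SQL statement.
     * @return array|null|false First row, null when there is no row or the
     *                          query failed.
     */
    function selectone($sql)
    {
        $result = $this->selectarray($sql);
        // A failed query yields false; fetching from it is a TypeError on PHP 8.
        if (!($result instanceof mysqli_result)) {
            return null;
        }

        return mysqli_fetch_row($result);
    }

    /**
     * Run a query and return the raw mysqli result.
     *
     * SECURITY NOTE(review): $sql is executed verbatim; callers must not build
     * it from request data by concatenation.
     *
     * @param string $sql SQL statement.
     * @return mysqli_result|bool Result set, true for a successful write,
     *                            false on failure (including a failed connect).
     */
    function selectarray($sql)
    {
        $link = $this->open_link();
        if (!$link) {
            return false;
        }

        return mysqli_query($link, $sql);
    }

    /**
     * Run a query and return every row as an associative array.
     *
     * SECURITY NOTE(review): $sql is executed verbatim; callers must not build
     * it from request data by concatenation.
     *
     * @param string $sql SQL statement.
     * @return array List of rows; empty when the query failed or matched nothing.
     */
    function query($sql)
    {
        $rows = array();
        $result = $this->selectarray($sql);
        if ($result instanceof mysqli_result) {
            while ($row = mysqli_fetch_assoc($result)) {
                $rows[] = $row;
            }
        }

        return $rows;
    }

    /**
     * Build a group of radio inputs from a value => label map.
     *
     * SECURITY NOTE(review): $name, the keys and the labels are written into
     * the markup unescaped. If any of them can come from user-controlled data
     * they must be passed through htmlspecialchars() first.
     *
     * @param array  $radio Map of input value => label.
     * @param string $name  Name attribute shared by the inputs.
     * @param mixed  $value Currently selected value (loose comparison).
     * @return string HTML fragment; empty string when there are no options.
     */
    function creatradio($radio,$name,$value)
    {
        // Start from an empty string; the accumulator was previously undefined.
        $result = '';
        if (!is_array($radio)) {
            return $result;
        }
        foreach ($radio as $optionValue => $label) {
            $result .= '<label><input type="radio" name="'.$name.'" value="'.$optionValue.'" ';
            if ($optionValue == $value) {
                $result .= ' checked';
            }
            $result .= '  />'.$label.'</label>';
        }

        return $result;
    }

    /**
     * Build a <select> element from a value => label map.
     *
     * SECURITY NOTE(review): $name, the keys and the labels are written into
     * the markup unescaped. If any of them can come from user-controlled data
     * they must be passed through htmlspecialchars() first.
     *
     * @param array  $radio Map of option value => label.
     * @param string $name  Name attribute of the select.
     * @param mixed  $value Currently selected value (loose comparison).
     * @return string HTML fragment.
     */
    function creatoption($radio,$name,$value)
    {
        $result = '<select name="'.$name.'">';
        if (is_array($radio)) {
            foreach ($radio as $optionValue => $label) {
                $result .= '<option value="'.$optionValue.'" ';
                if ($optionValue == $value) {
                    $result .= ' selected';
                }
                $result .= '/>'.$label.'</option>';
            }
        }
        $result .= '</select>';

        return $result;
    }

    /**
     * Build a group of checkboxes from a value => label map.
     *
     * SECURITY NOTE(review): $name, the keys and the labels are written into
     * the markup unescaped. If any of them can come from user-controlled data
     * they must be passed through htmlspecialchars() first.
     *
     * @param array  $radio Map of checkbox value => label.
     * @param string $name  Base name; "[]" is appended.
     * @param string $value Comma-separated list of checked values.
     * @return string HTML fragment; empty string when there are no options.
     */
    function creatcheckboxes($radio,$name,$value)
    {
        // Start from an empty string; the accumulator was previously undefined.
        $result = '';
        if (!is_array($radio)) {
            return $result;
        }
        $checked = explode(',', (string) $value);
        foreach ($radio as $optionValue => $label) {
            $result .= '<label><input type="checkbox" name="'.$name.'[]" value="'.$optionValue.'" ';
            if (in_array($optionValue, $checked)) {
                $result .= ' checked';
            }
            $result .= '  />'.$label.'</label>';
        }

        return $result;
    }

    /**
     * Insert one row into a table.
     *
     * SECURITY NOTE(review): values are concatenated into the statement
     * without escaping, so this method is only as safe as whatever its
     * callers did to $row beforehand. It should be migrated to a prepared
     * statement together with its callers (escaping here alone would
     * double-escape data that callers already passed through addslashes()).
     *
     * @param array  $row   Map of column name => value.
     * @param string $table Table name.
     * @return mysqli_result|bool Result of the INSERT, false on failure or
     *                            when the input cannot form a valid statement.
     */
    function save($row,$table)
    {
        if (!is_array($row) || count($row) === 0) {
            return false;
        }
        // A backtick inside an identifier would break out of the quoting.
        foreach (array_merge(array($table), array_keys($row)) as $identifier) {
            if (strpos((string) $identifier, '`') !== false) {
                return false;
            }
        }

        $a = implode("', '", array_values($row));
        $b = implode("` ,
`", array_keys($row));

        return $this->selectarray("INSERT INTO `".$table."` (`".$b."`)VALUES ('".$a."')");
    }

    /**
     * Update the row with the given id.
     *
     * SECURITY NOTE(review): values and $id are concatenated into the
     * statement without escaping or quoting, so this method is only as safe
     * as whatever its callers did beforehand. It should be migrated to a
     * prepared statement together with its callers.
     *
     * @param array  $row   Map of column name => new value.
     * @param string $table Table name.
     * @param mixed  $id    Value compared against the `id` column.
     * @return mysqli_result|bool Result of the UPDATE, false on failure or
     *                            when the input cannot form a valid statement.
     */
    function upload($row,$table,$id)
    {
        if (!is_array($row) || count($row) === 0) {
            return false;
        }
        // A backtick inside an identifier would break out of the quoting.
        foreach (array_merge(array($table), array_keys($row)) as $identifier) {
            if (strpos((string) $identifier, '`') !== false) {
                return false;
            }
        }

        $assignments = array();
        foreach ($row as $column => $newValue) {
            $assignments[] = "`".$column."` = '".$newValue."'";
        }
        $sql = "UPDATE `".$table."` SET ".implode(",
", $assignments)." WHERE `id` =".$id;

        return $this->selectarray($sql);
    }

    /**
     * Copy every row of a result set into a list of numerically indexed arrays.
     *
     * @param mysqli_result|bool $result Value returned by selectarray().
     * @return array List of rows; empty when $result is not a result set.
     */
    function toarray($result)
    {
        $array = array();
        // A failed query yields false; fetching from it is a TypeError on PHP 8.
        if (!($result instanceof mysqli_result)) {
            return $array;
        }
        while ($row = mysqli_fetch_row($result)) {
            $array[] = $row;
        }

        return $array;
    }

    /**
     * Collect the first element of every row.
     *
     * @param mixed $array List of rows.
     * @return array|string List of first elements (empty list for an empty
     *                      input); '' when the input is not an array.
     */
    function array_multi2single($array)
    {
        if (!is_array($array)) {
            return '';
        }
        // Always return a list; an empty input previously fell through with no
        // return value.
        $result_array = array();
        foreach ($array as $value) {
            $result_array[] = $value[0];
        }

        return $result_array;
    }

    /**
     * Strip tags from a string and cut it to a display width.
     *
     * The text is walked byte by byte as UTF-8: a multi-byte sequence costs
     * 1.0 toward $length and a single-byte character costs 0.5. The cut text
     * is HTML-encoded; $etc is appended as-is when anything was cut off.
     *
     * @param string $string Source text (may contain markup and entities).
     * @param float  $length Width budget.
     * @param string $etc    Suffix appended when the text was shortened.
     * @return string Encoded, shortened text.
     */
    function mystrcut($string,$length,$etc='...')
    {
        $result = '';
        $string = html_entity_decode(trim(strip_tags($string)), ENT_QUOTES, 'UTF-8');
        $strlen = strlen($string);
        for ($i = 0; (($i < $strlen) && ($length > 0)); $i++) {
            // Position of the first 0 bit = number of leading 1 bits in the byte.
            $number = strpos(str_pad(decbin(ord(substr($string, $i, 1))), 8, '0', STR_PAD_LEFT), '0');
            if ($number) {
                if ($length < 1.0) {
                    break;
                }
                $result .= substr($string, $i, $number);
                $length -= 1.0;
                $i += $number - 1;
            } else {
                $result .= substr($string, $i, 1);
                $length -= 0.5;
            }
        }
        $result = htmlspecialchars($result, ENT_QUOTES, 'UTF-8');
        if ($i < $strlen) {
            $result .= $etc;
        }

        return $result;
    }

    /**
     * Check a login against the cn_adminers table and, for level 1 accounts,
     * populate the session.
     *
     * Return codes: -1 missing name or password, -2 unknown user (or the
     * lookup failed), -3 wrong password, -4 level 0, 0 level 1 (session set),
     * 1 any other level.
     *
     * SECURITY NOTE(review): passwords are compared against unsalted MD5
     * digests. Migrate stored hashes to password_hash()/password_verify(),
     * re-hashing on each successful login.
     *
     * @param string $uname Submitted user name.
     * @param string $upass Submitted password.
     * @return int Status code as listed above.
     */
    function checkUserLogin2($uname,$upass)
    {
        if (empty($uname) || empty($upass) || !is_scalar($uname) || !is_scalar($upass)) {
            return -1;
        }

        $link = $this->open_link();
        if (!$link) {
            return -2;
        }

        // The user name comes straight from the login form, so it is bound as
        // a parameter instead of being interpolated into the statement.
        $stmt = mysqli_prepare(
            $link,
            "SELECT id AS UserID,user_name AS LoginName,user_pass AS LoginPass,level AS MemberStatus FROM cn_adminers WHERE user_name=?"
        );
        if (!$stmt) {
            mysqli_close($link);
            return -2;
        }

        $boundName = (string) $uname;
        $userId = $loginName = $truePass = $level = null;
        mysqli_stmt_bind_param($stmt, 's', $boundName);
        $found = mysqli_stmt_execute($stmt)
            && mysqli_stmt_bind_result($stmt, $userId, $loginName, $truePass, $level)
            && mysqli_stmt_fetch($stmt) === true;
        mysqli_stmt_close($stmt);
        mysqli_close($link);

        if (!$found || !$userId) {
            return -2;
        }

        // Same digest comparison as before, done in constant time where available.
        $stored = (string) $truePass;
        $candidate = md5((string) $upass);
        $passwordMatches = function_exists('hash_equals')
            ? hash_equals($stored, $candidate)
            : ($stored === $candidate);
        if (!$passwordMatches) {
            return -3;
        }

        if ($level == 0) {
            return -4;
        }

        if ($level == 1) {
            // Issue a fresh session id on login so a pre-set id cannot be reused.
            if (session_id() !== '' && !headers_sent()) {
                session_regenerate_id(true);
            }
            $_SESSION['MemberID'] = (string) $userId;
            $_SESSION['MemberName'] = $loginName;
            $_SESSION['freemember'] = 1;
            return 0;
        }

        return 1;
    }

    /**
     * Turn a display name into a lower-case, hyphen-separated slug.
     *
     * Listed punctuation is removed first (including existing hyphens and
     * underscores), then each space becomes a hyphen.
     *
     * @param string $name Display name.
     * @return string Slug.
     */
    function turn_name($name)
    {
        $strip = array(
            '&', ',', '/', '.', '%', '(', ')', '#', '@', '*', '=', ':', '-',
            '_', '!', '?', "'", '+', '`', '$', '[', ']', '"', '“', '”',
        );
        $p_name = str_replace($strip, '', $name);
        $p_name = str_replace(' ', '-', $p_name);

        return strtolower($p_name);
    }
}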
/**
 * Trim every element of an array in place and strip HTML/PHP tags from it.
 *
 * @param array $val Array of strings, modified by reference.
 * @return void
 */
function uatrim(&$val)
{
	foreach ($val as &$entry) {
		$trimmed = trim($entry);
		$entry = strip_tags($trimmed);
	}
	// Drop the reference so later writes to $entry cannot touch the last element.
	unset($entry);
}
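// Page bootstrap: loads the member, company and navigation data that the
// including page renders.
set_time_limit (999999);

// Defaults; a request may override both (see the validation below).
$id=2217;
$noe_version='en';

// SECURITY NOTE(review): extract($_GET) turns every query-string key into a
// variable, so a request can overwrite anything defined before this line.
// It is kept because other pages may rely on the variables it creates
// (assumption, to be confirmed); the long-term fix is to read each expected
// parameter from $_GET explicitly and delete this call.
extract($_GET);

// Created after extract() so a "db" query parameter cannot replace the handle.
$db=new db();

// $id and $noe_version are concatenated into every query below, so after
// extract() they are forced back into a safe shape: digits only for the id,
// an identifier-safe token for the table prefix. Anything else falls back to
// the site default.
if (is_scalar($id) && ctype_digit((string) $id)) {
	$id = (int) $id;
} else {
	$id = 2217;
}
if (!is_string($noe_version) || !preg_match('/\A[A-Za-z0-9_]+\z/', $noe_version)) {
	$noe_version = 'en';
}

$member = $db->selectone("select username,version_site,firstname,service_end_date  from members where id=".$id);

// When the service period has ended a meta refresh is printed; the script
// keeps running afterwards, as it did before.
if (strtotime(date("Y-m-d"))>$member[3]){
echo "<meta http-equiv=refresh content='0; url=webexc.html'>";};

$status = $db->selectone("select isfanyi,ishuiyuan,iszaixian,islianxi,home_show,about_show,product_show,feedback_show,contact_show  from members where id=".$id);

// version_site is stored as "a,b***c,d": split into groups, then into fields.
$version_site=explode('***',$member[1]);

foreach ($version_site as $i => $group) {
	$version_site[$i]=explode(',',$group);
}

$company=$db->selectone("select description,name,keyword1,keyword2,keyword3,keyword4,keyword5,keyword6,english_name,brand_img,picture,site_url,main_prod,email,index_content,index_content2,id from ".$noe_version."_companies where member_id=".$id);
// Stored HTML is decoded before display.
// SECURITY NOTE(review): html_entity_decode() turns stored entities back into
// live markup; if these columns can hold member-supplied text, it needs to be
// sanitised before it is printed.
$company[0]= stripslashes($company[0]);
$company[0]=html_entity_decode($company[0]);
$company[14]= stripslashes($company[14]);
$company[14]=html_entity_decode($company[14]);

$producttype=$db->selectarray("select id,name,name2,img from ".$noe_version."_producttypes where level=0 and member_id=".$id." order by cpt_range ASC");

$producttype=$db->toarray($producttype);

$flash=$db->selectarray("select img,website,name,des from ".$noe_version."_flash where member_id=".$id." order by flash_range  DESC");

$flash=$db->toarray($flash);

$newsnum = $db->selectone("select count(id) from ".$noe_version."_companynewses where member_id=".$id);

$downum = $db->selectone("select count(id) from ".$noe_version."_dow where member_id=".$id);

$secnum = $db->selectone("select count(id) from ".$noe_version."_newsection where member_id=".$id);

$sections=$db->selectarray("select id,name,name2 from ".$noe_version."_newsection where member_id=".$id);
$sections=$db->toarray($sections);

$time= time();

$company2=$db->selectone("select main_prod,address,province_code_id,city_code_id,zipcode,link_man,telcode,telzone,tel,faxcode,faxzone,fax,email,site_url,link_man_gender,country_id,more,mobile,link_man from ".$noe_version."_companies where member_id=".$id);

// SECURITY NOTE(review): PHP_SELF includes any path info the client appended
// to the URL, so $filename is request-controlled and must be HTML-escaped
// wherever it is printed.
$url=$_SERVER['PHP_SELF']; 
$filename=substr($url,strrpos($url,'/')+1); 

$imgweb="biguo.us3web.haibo.com.cn"; 
$siteweb="biguo.us3web.haibo.com.cn"; 
$imgprod='us3.supplierlist.com/upload/'.$member[0]; 
$fontsgoogle="fonts.googleapis.com"; 


include('lang.php');
// Output may already have started (the meta refresh above); only send the
// header while that is still possible.
if (!headers_sent()) {
	header("Content-type: text/html; charset=utf-8");
}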
?>